package com.atguigu.lease.web.app.custom.interceptor;

import com.atguigu.lease.common.exception.LeaseException;
import com.atguigu.lease.common.result.ResultCodeEnum;
import com.atguigu.lease.common.utils.JwtUtil;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.ObjectUtils;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

/**
 * @Package: com.atguigu.lease.web.app.custom.interceptor
 * @ClassName: AuthenticationInterceptor
 * @Author luu
 * @create 2024/10/11 22:25
 * @Description:
 */
@Component
public class AuthenticationInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        //1.获取token (约定好 请求头，key是固定: access_token) , 没有直接抛出
        String token = request.getHeader("access_token");
        if (ObjectUtils.isEmpty(token)) {
            throw new LeaseException(ResultCodeEnum.APP_LOGIN_AUTH);
        }
        //2. 检查 token 是否过期和被篡改
        JwtUtil.parseToken(token);
        return true;
    }


}
